emscom > emscom Help Desk > Knowledgebase

Search help:

Disable NLA on XP Remote Desktop Client


Windows XP SP3 includes an update which enables Network Level Authentication (NLA)

Issues can arise when connecting Remote Desktop Client mstsc (RDC) attempting connection to Windows Server 2008R2, depending on both client and server platform configuration.

When the server is configured to accept NLA connections, an untrusted certificate may be sent to a client which support NLA, causing the client to fail authentication.  The client will prompt for a password to be entered for a second time and the server subsquentaly rejects the connection.

To check whether the client is NLA enabled

Run mstsc.exe, click the icon in the top left corner to displat the Window menu, click About.
The version of the RDC client, hightest supported protocol and NLA support is displayed 

Workaround 1.

Disable  ssp credential suppory in the client
Open the .rdp file in notepad and edit or add the following line


The downside of this workaround is that users will not be able to save their user credentials and password

Workaround 2.

Disable NLA for RDC
Open regedit

Under HKLM\SYSTEM\CurrentControlSet\Control\Lsa 
Edit the REG_MULTI_SZ value named Security Packages and remove tspkg from the list 

Under HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders 
Edit the REG_SZ value named SecurityProviders and remove from the end of the list

, credssp.dll 

Use the mstsc About dialoh to check NLA has been disabled.
Entirely remove any credsspsupport:i: entry which is present in the .rdp file

Users can save their passwords

Note: Windows 7 has NLA enabled by default and their may be no way for users to save RDC credentials.





Was this article helpful? yes / no
Related articles ESXi 6 firewall configuration
QNAP Shared Folders
Windows 2012 Interact With Desktop
ESXi 5.0, 5.1, 5.5 Cannot connect from VSphere client on XP
Remove hidden network adapter
Article details
Article ID: 55
Category: Windows
Date added: 21-02-2014 10:42:11
Views: 3167
Rating (Votes): Article rated 3.2/5.0 (11)

« Go back

Powered by Help Desk Software HESK, in partnership with SysAid Technologies